OSX/sec/Security/SecOTRSession.h

   1 /*
   2  * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 #ifndef _SECOTRSESSION_H_
  26 #define _SECOTRSESSION_H_
  27
  28 #include <CoreFoundation/CFBase.h>
  29 #include <CoreFoundation/CFData.h>
  30
  31 #include <Security/SecOTR.h>
  32
  33 __BEGIN_DECLS
  34
  35 // MARK: MessageTypes
  36
  37 enum SecOTRSMessageKind {
  38     kOTRNegotiationPacket,
  39     kOTRDataPacket,
  40     kOTRUnknownPacket
  41 };
  42
  43 // MARK: OTR Session
  44
  45 enum SecOTRCreateFlags {
  46     kSecOTRSendTextMessages = 1 << 0, // OTR messages will be encoded as Base-64 with header/footer per the standard, not just given back in binary
  47     kSecOTRUseAppleCustomMessageFormat = 1 << 1, // OTR Messages will be encoded without revealing MAC keys and as compact as we can (P-256)
  48     kSecOTRIncludeHashesInMessages = 1 << 2,
  49     kSecOTRSlowRoll = 1 << 3,
  50 };
  51
  52 /*!
  53  @typedef
  54  @abstract   OTRSessions encapsulate a commuincaiton between to parties using the
  55              otr protocol.
  56  @discussion Sessions start with IDs. One end sends a start packet (created with AppendStartPacket).
  57              Both sides process packets they exchange on the negotiation channel.
  58  */
  59 typedef struct _SecOTRSession* SecOTRSessionRef;
  60
  61 SecOTRSessionRef SecOTRSessionCreateFromID(CFAllocatorRef allocator,
  62                                            SecOTRFullIdentityRef myID,
  63                                            SecOTRPublicIdentityRef theirID);
  64
  65 SecOTRSessionRef SecOTRSessionCreateFromIDAndFlags(CFAllocatorRef allocator,
  66                                            SecOTRFullIdentityRef myID,
  67                                            SecOTRPublicIdentityRef theirID,
  68                                            uint32_t flags);
  69
  70 SecOTRSessionRef SecOTRSessionCreateFromData(CFAllocatorRef allocator, CFDataRef data);
  71
  72     void SecOTRSessionReset(SecOTRSessionRef session);
  73 OSStatus SecOTRSAppendSerialization(SecOTRSessionRef publicID, CFMutableDataRef serializeInto);
  74
  75 OSStatus SecOTRSAppendStartPacket(SecOTRSessionRef session, CFMutableDataRef appendInitiatePacket);
  76
  77 OSStatus SecOTRSAppendRestartPacket(SecOTRSessionRef session, CFMutableDataRef appendPacket);
  78
  79 OSStatus SecOTRSProcessPacket(SecOTRSessionRef session,
  80                               CFDataRef incomingPacket,
  81                               CFMutableDataRef negotiationResponse);
  82
  83 OSStatus SecOTRSEndSession(SecOTRSessionRef session,
  84                            CFMutableDataRef messageToSend);
  85
  86
  87 bool SecOTRSIsForKeys(SecOTRSessionRef session, SecKeyRef myPublic, SecKeyRef theirPublic);
  88 bool SecOTRSGetIsReadyForMessages(SecOTRSessionRef session);
  89 bool SecOTRSGetIsIdle(SecOTRSessionRef session);
  90
  91 enum SecOTRSMessageKind SecOTRSGetMessageKind(SecOTRSessionRef session, CFDataRef incomingPacket);
  92
  93 /*!
  94  @function
  95  @abstract   Precalculates keys for current key sets to save time when sending or receiving.
  96  @param      session                OTRSession receiving message
  97  */
  98 void SecOTRSPrecalculateKeys(SecOTRSessionRef session);
  99
 100 /*!
 101  @function
 102  @abstract   Encrypts and Signs a message with OTR credentials.
 103  @param      session                OTRSession receiving message
 104  @param      sourceMessage          Cleartext message to protect
 105  @param      protectedMessage       Data to append the encoded protected message to
 106  @result     OSStatus               errSecAuthFailed -> bad signature, no data appended.
 107  */
 108
 109 OSStatus SecOTRSSignAndProtectMessage(SecOTRSessionRef session,
 110                                       CFDataRef sourceMessage,
 111                                       CFMutableDataRef protectedMessage);
 112
 113 /*!
 114  @function
 115  @abstract   Verifies and exposes a message sent via OTR
 116  @param      session                OTRSession receiving message
 117  @param      incomingMessage        Encoded message
 118  @param      exposedMessageContents Data to append the exposed message to
 119  @result     OSStatus               errSecAuthFailed -> bad signature, no data appended.
 120  */
 121
 122 OSStatus SecOTRSVerifyAndExposeMessage(SecOTRSessionRef session,
 123                                        CFDataRef incomingMessage,
 124                                        CFMutableDataRef exposedMessageContents);
 125
 126
 127
 128 const char *SecOTRPacketTypeString(CFDataRef message);
 129
 130 CFDataRef SecOTRSessionCreateRemote(CFDataRef publicPeerId, CFErrorRef *error);
 131 bool SecOTRSessionProcessPacketRemote(CFDataRef sessionData, CFDataRef inputPacket, CFDataRef* outputSessionData, CFDataRef* outputPacket, bool *readyForMessages, CFErrorRef *error);
 132
 133
 134 __END_DECLS
 135
 136 #endif